Info |
---|
The objective of this page is to inventory other IAM CMMs, near complementary CMMs, or complementary CMMssimilar models, frameworks, and standards. |
CMM | Scope | Last Update / Version | Comments | Key References | |
---|---|---|---|---|---|
CMMI-SVC | General-purpose CMM model for Service Providers | Version 1.3 (2011) | |||
COBIT 5 for Information Security | |||||
European Union Agency for Network and Information | |||||
ISO/IEC 21827:2008(E) SSE-CMM (Systems Security Engineering - Capability Maturity Model) | InfoSec | 2008 | Accompanied by the ISO 27k family of information security standards. | ||
ISF Standard of Good Practice for Information Security | |||||
IT Capability Maturity Framework - Information Security Management (IT-CMF:ISM) | |||||
ITIL | |||||
NIST Computer/Cybersecurity Frameworks | |||||
Osmanoglu | CMMWorkforce IAM | 2013 | A proper Workforce IAM CMM. | ||
PalsonKennedy and Gopal | CMMCloud Computing and IAM | Not a real CMM but rather a discussion on Cloud Computing, CMM. and IAM. | https://open-measure.atlassian.net/wiki/spaces/BIB/pages/1889108289 | ||
Payment Card Industry (PCI) Data Security Standard | |||||
SANS Top 20 | |||||
Security & Privacy Capability Maturity Model (SP-CMM) | Cybersecurity and Data Privacy | 2019.1 | |||
Secure Controls Framework | |||||
World Economic Forum Cyber Risk Framework (WEF-CRF) |